ipsae
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION)
Full Analysis
- [External Downloads] (HIGH): The installation instructions require cloning a repository from https://github.com/DunbrackLab/IPSAE.git. This organization and repository are not on the 'Trusted External Sources' list, making the dependency unverifiable.
- [Remote Code Execution] (HIGH): The skill documentation explicitly instructs users to execute code from the downloaded repository using python ipsae.py. This is a classic 'download then execute' pattern which allows for arbitrary code execution if the remote repository is compromised or malicious.
- [Indirect Prompt Injection] (LOW): The skill provides a Python function (score_designs) that iterates over files in a directory and uses subprocess.run to execute the scoring script. While it does not use shell=True, it processes untrusted file system data (JSON and PDB files) which constitutes an ingestion point for external content. The capability is limited to local script execution.
- [Command Execution] (LOW): The skill utilizes subprocess.run to call external Python scripts. This is part of the intended functionality but increases the attack surface if input file paths are not strictly controlled.
Recommendations
- AI detected serious security threats
Audit Metadata